1 /*
2 * QEMU Guest Agent win32-specific command implementations for SSH keys.
3 * The implementation is opinionated and expects the SSH implementation to
4 * be OpenSSH.
5 *
6 * Copyright Schweitzer Engineering Laboratories. 2024
7 *
8 * Authors:
9 * Aidan Leuck <aidan_leuck@selinc.com>
10 *
11 * This work is licensed under the terms of the GNU GPL, version 2 or later.
12 * See the COPYING file in the top-level directory.
13 */
14
15 #include "qemu/osdep.h"
16 #include <aclapi.h>
17 #include <qga-qapi-types.h>
18
19 #include "commands-common-ssh.h"
20 #include "commands-windows-ssh.h"
21 #include "guest-agent-core.h"
22 #include "limits.h"
23 #include "lmaccess.h"
24 #include "lmapibuf.h"
25 #include "lmerr.h"
26 #include "qapi/error.h"
27
28 #include "qga-qapi-commands.h"
29 #include "sddl.h"
30 #include "shlobj.h"
31 #include "userenv.h"
32
33 #define AUTHORIZED_KEY_FILE "authorized_keys"
34 #define AUTHORIZED_KEY_FILE_ADMIN "administrators_authorized_keys"
35 #define LOCAL_SYSTEM_SID "S-1-5-18"
36 #define ADMIN_SID "S-1-5-32-544"
37
38 /*
39 * Frees userInfo structure. This implements the g_auto cleanup
40 * for the structure.
41 */
free_userInfo(PWindowsUserInfo info)42 void free_userInfo(PWindowsUserInfo info)
43 {
44 g_free(info->sshDirectory);
45 g_free(info->authorizedKeyFile);
46 LocalFree(info->SSID);
47 g_free(info->username);
48 g_free(info);
49 }
50
51 /*
52 * Gets the admin SSH folder for OpenSSH. OpenSSH does not store
53 * the authorized_key file in the users home directory for security reasons and
54 * instead stores it at %PROGRAMDATA%/ssh. This function returns the path to
55 * that directory on the users machine
56 *
57 * parameters:
58 * errp -> error structure to set when an error occurs
59 * returns: The path to the ssh folder in %PROGRAMDATA% or NULL if an error
60 * occurred.
61 */
get_admin_ssh_folder(Error ** errp)62 static char *get_admin_ssh_folder(Error **errp)
63 {
64 /* Allocate memory for the program data path */
65 g_autofree char *programDataPath = NULL;
66 char *authkeys_path = NULL;
67 PWSTR pgDataW = NULL;
68 g_autoptr(GError) gerr = NULL;
69
70 /* Get the KnownFolderPath on the machine. */
71 HRESULT folderResult =
72 SHGetKnownFolderPath(&FOLDERID_ProgramData, 0, NULL, &pgDataW);
73 if (folderResult != S_OK) {
74 error_setg(errp, "Failed to retrieve ProgramData folder");
75 return NULL;
76 }
77
78 /* Convert from a wide string back to a standard character string. */
79 programDataPath = g_utf16_to_utf8(pgDataW, -1, NULL, NULL, &gerr);
80 CoTaskMemFree(pgDataW);
81 if (!programDataPath) {
82 error_setg(errp,
83 "Failed converting ProgramData folder path to UTF-16 %s",
84 gerr->message);
85 return NULL;
86 }
87
88 /* Build the path to the file. */
89 authkeys_path = g_build_filename(programDataPath, "ssh", NULL);
90 return authkeys_path;
91 }
92
93 /*
94 * Gets the path to the SSH folder for the specified user. If the user is an
95 * admin it returns the ssh folder located at %PROGRAMDATA%/ssh. If the user is
96 * not an admin it returns %USERPROFILE%/.ssh
97 *
98 * parameters:
99 * username -> Username to get the SSH folder for
100 * isAdmin -> Whether the user is an admin or not
101 * errp -> Error structure to set any errors that occur.
102 * returns: path to the ssh folder as a string.
103 */
get_ssh_folder(const char * username,const bool isAdmin,Error ** errp)104 static char *get_ssh_folder(const char *username, const bool isAdmin,
105 Error **errp)
106 {
107 DWORD maxSize = MAX_PATH;
108 g_autofree char *profilesDir = g_new0(char, maxSize);
109
110 if (isAdmin) {
111 return get_admin_ssh_folder(errp);
112 }
113
114 /* If not an Admin the SSH key is in the user directory. */
115 /* Get the user profile directory on the machine. */
116 BOOL ret = GetProfilesDirectory(profilesDir, &maxSize);
117 if (!ret) {
118 error_setg_win32(errp, GetLastError(),
119 "failed to retrieve profiles directory");
120 return NULL;
121 }
122
123 /* Builds the filename */
124 return g_build_filename(profilesDir, username, ".ssh", NULL);
125 }
126
127 /*
128 * Creates an entry for the user so they can access the ssh folder in their
129 * userprofile.
130 *
131 * parameters:
132 * userInfo -> Information about the current user
133 * pACL -> Pointer to an ACL structure
134 * errp -> Error structure to set any errors that occur
135 * returns -> 1 on success, 0 otherwise
136 */
create_acl_user(PWindowsUserInfo userInfo,PACL * pACL,Error ** errp)137 static bool create_acl_user(PWindowsUserInfo userInfo, PACL *pACL, Error **errp)
138 {
139 const int aclSize = 1;
140 PACL newACL = NULL;
141 EXPLICIT_ACCESS eAccess[1];
142 PSID userPSID = NULL;
143
144 /* Get a pointer to the internal SID object in Windows */
145 bool converted = ConvertStringSidToSid(userInfo->SSID, &userPSID);
146 if (!converted) {
147 error_setg_win32(errp, GetLastError(), "failed to retrieve user %s SID",
148 userInfo->username);
149 goto error;
150 }
151
152 /* Set the permissions for the user. */
153 eAccess[0].grfAccessPermissions = GENERIC_ALL;
154 eAccess[0].grfAccessMode = SET_ACCESS;
155 eAccess[0].grfInheritance = NO_INHERITANCE;
156 eAccess[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
157 eAccess[0].Trustee.TrusteeType = TRUSTEE_IS_USER;
158 eAccess[0].Trustee.ptstrName = (LPTSTR)userPSID;
159
160 /* Set the ACL entries */
161 DWORD setResult;
162
163 /*
164 * If we are given a pointer that is already initialized, then we can merge
165 * the existing entries instead of overwriting them.
166 */
167 if (*pACL) {
168 setResult = SetEntriesInAcl(aclSize, eAccess, *pACL, &newACL);
169 } else {
170 setResult = SetEntriesInAcl(aclSize, eAccess, NULL, &newACL);
171 }
172
173 if (setResult != ERROR_SUCCESS) {
174 error_setg_win32(errp, GetLastError(),
175 "failed to set ACL entries for user %s %lu",
176 userInfo->username, setResult);
177 goto error;
178 }
179
180 /* Free any old memory since we are going to overwrite the users pointer. */
181 LocalFree(*pACL);
182 *pACL = newACL;
183
184 LocalFree(userPSID);
185 return true;
186 error:
187 LocalFree(userPSID);
188 return false;
189 }
190
191 /*
192 * Creates a base ACL for both normal users and admins to share
193 * pACL -> Pointer to an ACL structure
194 * errp -> Error structure to set any errors that occur
195 * returns: 1 on success, 0 otherwise
196 */
create_acl_base(PACL * pACL,Error ** errp)197 static bool create_acl_base(PACL *pACL, Error **errp)
198 {
199 PSID adminGroupPSID = NULL;
200 PSID systemPSID = NULL;
201
202 const int aclSize = 2;
203 EXPLICIT_ACCESS eAccess[2];
204
205 /* Create an entry for the system user. */
206 const char *systemSID = LOCAL_SYSTEM_SID;
207 bool converted = ConvertStringSidToSid(systemSID, &systemPSID);
208 if (!converted) {
209 error_setg_win32(errp, GetLastError(), "failed to retrieve system SID");
210 goto error;
211 }
212
213 /* set permissions for system user */
214 eAccess[0].grfAccessPermissions = GENERIC_ALL;
215 eAccess[0].grfAccessMode = SET_ACCESS;
216 eAccess[0].grfInheritance = NO_INHERITANCE;
217 eAccess[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
218 eAccess[0].Trustee.TrusteeType = TRUSTEE_IS_USER;
219 eAccess[0].Trustee.ptstrName = (LPTSTR)systemPSID;
220
221 /* Create an entry for the admin user. */
222 const char *adminSID = ADMIN_SID;
223 converted = ConvertStringSidToSid(adminSID, &adminGroupPSID);
224 if (!converted) {
225 error_setg_win32(errp, GetLastError(), "failed to retrieve Admin SID");
226 goto error;
227 }
228
229 /* Set permissions for admin group. */
230 eAccess[1].grfAccessPermissions = GENERIC_ALL;
231 eAccess[1].grfAccessMode = SET_ACCESS;
232 eAccess[1].grfInheritance = NO_INHERITANCE;
233 eAccess[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
234 eAccess[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
235 eAccess[1].Trustee.ptstrName = (LPTSTR)adminGroupPSID;
236
237 /* Put the entries in an ACL object. */
238 PACL pNewACL = NULL;
239 DWORD setResult;
240
241 /*
242 *If we are given a pointer that is already initialized, then we can merge
243 *the existing entries instead of overwriting them.
244 */
245 if (*pACL) {
246 setResult = SetEntriesInAcl(aclSize, eAccess, *pACL, &pNewACL);
247 } else {
248 setResult = SetEntriesInAcl(aclSize, eAccess, NULL, &pNewACL);
249 }
250
251 if (setResult != ERROR_SUCCESS) {
252 error_setg_win32(errp, GetLastError(),
253 "failed to set base ACL entries for system user and "
254 "admin group %lu",
255 setResult);
256 goto error;
257 }
258
259 LocalFree(adminGroupPSID);
260 LocalFree(systemPSID);
261
262 /* Free any old memory since we are going to overwrite the users pointer. */
263 LocalFree(*pACL);
264
265 *pACL = pNewACL;
266
267 return true;
268
269 error:
270 LocalFree(adminGroupPSID);
271 LocalFree(systemPSID);
272 return false;
273 }
274
275 /*
276 * Sets the access control on the authorized_keys file and any ssh folders that
277 * need to be created. For administrators the required permissions on the
278 * file/folders are that only administrators and the LocalSystem account can
279 * access the folders. For normal user accounts only the specified user,
280 * LocalSystem and Administrators can have access to the key.
281 *
282 * parameters:
283 * userInfo -> pointer to structure that contains information about the user
284 * PACL -> pointer to an access control structure that will be set upon
285 * successful completion of the function.
286 * errp -> error structure that will be set upon error.
287 * returns: 1 upon success 0 upon failure.
288 */
create_acl(PWindowsUserInfo userInfo,PACL * pACL,Error ** errp)289 static bool create_acl(PWindowsUserInfo userInfo, PACL *pACL, Error **errp)
290 {
291 /*
292 * Creates a base ACL that both admins and users will share
293 * This adds the Administrators group and the SYSTEM group
294 */
295 if (!create_acl_base(pACL, errp)) {
296 return false;
297 }
298
299 /*
300 * If the user is not an admin give the user creating the key permission to
301 * access the file.
302 */
303 if (!userInfo->isAdmin) {
304 if (!create_acl_user(userInfo, pACL, errp)) {
305 return false;
306 }
307
308 return true;
309 }
310
311 return true;
312 }
313 /*
314 * Create the SSH directory for the user and d sets appropriate permissions.
315 * In general the directory will be %PROGRAMDATA%/ssh if the user is an admin.
316 * %USERPOFILE%/.ssh if not an admin
317 *
318 * parameters:
319 * userInfo -> Contains information about the user
320 * errp -> Structure that will contain errors if the function fails.
321 * returns: zero upon failure, 1 upon success
322 */
create_ssh_directory(WindowsUserInfo * userInfo,Error ** errp)323 static bool create_ssh_directory(WindowsUserInfo *userInfo, Error **errp)
324 {
325 PACL pNewACL = NULL;
326 g_autofree PSECURITY_DESCRIPTOR pSD = NULL;
327
328 /* Gets the appropriate ACL for the user */
329 if (!create_acl(userInfo, &pNewACL, errp)) {
330 goto error;
331 }
332
333 /* Allocate memory for a security descriptor */
334 pSD = g_malloc(SECURITY_DESCRIPTOR_MIN_LENGTH);
335 if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION)) {
336 error_setg_win32(errp, GetLastError(),
337 "Failed to initialize security descriptor");
338 goto error;
339 }
340
341 /* Associate the security descriptor with the ACL permissions. */
342 if (!SetSecurityDescriptorDacl(pSD, TRUE, pNewACL, FALSE)) {
343 error_setg_win32(errp, GetLastError(),
344 "Failed to set security descriptor ACL");
345 goto error;
346 }
347
348 /* Set the security attributes on the folder */
349 SECURITY_ATTRIBUTES sAttr;
350 sAttr.bInheritHandle = FALSE;
351 sAttr.nLength = sizeof(SECURITY_ATTRIBUTES);
352 sAttr.lpSecurityDescriptor = pSD;
353
354 /* Create the directory with the created permissions */
355 BOOL created = CreateDirectory(userInfo->sshDirectory, &sAttr);
356 if (!created) {
357 error_setg_win32(errp, GetLastError(), "failed to create directory %s",
358 userInfo->sshDirectory);
359 goto error;
360 }
361
362 /* Free memory */
363 LocalFree(pNewACL);
364 return true;
365 error:
366 LocalFree(pNewACL);
367 return false;
368 }
369
370 /*
371 * Sets permissions on the authorized_key_file that is created.
372 *
373 * parameters: userInfo -> Information about the user
374 * errp -> error structure that will contain errors upon failure
375 * returns: 1 upon success, zero upon failure.
376 */
set_file_permissions(PWindowsUserInfo userInfo,Error ** errp)377 static bool set_file_permissions(PWindowsUserInfo userInfo, Error **errp)
378 {
379 PACL pACL = NULL;
380 PSID userPSID;
381
382 /* Creates the access control structure */
383 if (!create_acl(userInfo, &pACL, errp)) {
384 goto error;
385 }
386
387 /* Get the PSID structure for the user based off the string SID. */
388 bool converted = ConvertStringSidToSid(userInfo->SSID, &userPSID);
389 if (!converted) {
390 error_setg_win32(errp, GetLastError(), "failed to retrieve user %s SID",
391 userInfo->username);
392 goto error;
393 }
394
395 /* Prevents permissions from being inherited and use the DACL provided. */
396 const SE_OBJECT_TYPE securityBitFlags =
397 DACL_SECURITY_INFORMATION | PROTECTED_DACL_SECURITY_INFORMATION;
398
399 /* Set the ACL on the file. */
400 if (SetNamedSecurityInfo(userInfo->authorizedKeyFile, SE_FILE_OBJECT,
401 securityBitFlags, userPSID, NULL, pACL,
402 NULL) != ERROR_SUCCESS) {
403 error_setg_win32(errp, GetLastError(),
404 "failed to set file security for file %s",
405 userInfo->authorizedKeyFile);
406 goto error;
407 }
408
409 LocalFree(pACL);
410 LocalFree(userPSID);
411 return true;
412
413 error:
414 LocalFree(pACL);
415 LocalFree(userPSID);
416
417 return false;
418 }
419
420 /*
421 * Writes the specified keys to the authenticated keys file.
422 * parameters:
423 * userInfo: Information about the user we are writing the authkeys file to.
424 * authkeys: Array of keys to write to disk
425 * errp: Error structure that will contain any errors if they occur.
426 * returns: 1 if successful, 0 otherwise.
427 */
write_authkeys(WindowsUserInfo * userInfo,GStrv authkeys,Error ** errp)428 static bool write_authkeys(WindowsUserInfo *userInfo, GStrv authkeys,
429 Error **errp)
430 {
431 g_autofree char *contents = NULL;
432 g_autoptr(GError) err = NULL;
433
434 contents = g_strjoinv("\n", authkeys);
435
436 if (!g_file_set_contents(userInfo->authorizedKeyFile, contents, -1, &err)) {
437 error_setg(errp, "failed to write to '%s': %s",
438 userInfo->authorizedKeyFile, err->message);
439 return false;
440 }
441
442 if (!set_file_permissions(userInfo, errp)) {
443 return false;
444 }
445
446 return true;
447 }
448
449 /*
450 * Retrieves information about a Windows user by their username
451 *
452 * parameters:
453 * userInfo -> Double pointer to a WindowsUserInfo structure. Upon success, it
454 * will be allocated with information about the user and need to be freed.
455 * username -> Name of the user to lookup.
456 * errp -> Contains any errors that occur.
457 * returns: 1 upon success, 0 upon failure.
458 */
get_user_info(PWindowsUserInfo * userInfo,const char * username,Error ** errp)459 static bool get_user_info(PWindowsUserInfo *userInfo, const char *username,
460 Error **errp)
461 {
462 DWORD infoLevel = 4;
463 LPUSER_INFO_4 uBuf = NULL;
464 g_autofree wchar_t *wideUserName = NULL;
465 g_autoptr(GError) gerr = NULL;
466 PSID psid = NULL;
467
468 /*
469 * Converts a string to a Windows wide string since the GetNetUserInfo
470 * function requires it.
471 */
472 wideUserName = g_utf8_to_utf16(username, -1, NULL, NULL, &gerr);
473 if (!wideUserName) {
474 goto error;
475 }
476
477 /* allocate data */
478 PWindowsUserInfo uData = g_new0(WindowsUserInfo, 1);
479
480 /* Set pointer so it can be cleaned up by the callee, even upon error. */
481 *userInfo = uData;
482
483 /* Find the information */
484 NET_API_STATUS result =
485 NetUserGetInfo(NULL, wideUserName, infoLevel, (LPBYTE *)&uBuf);
486 if (result != NERR_Success) {
487 /* Give a friendlier error message if the user was not found. */
488 if (result == NERR_UserNotFound) {
489 error_setg(errp, "User %s was not found", username);
490 goto error;
491 }
492
493 error_setg(errp,
494 "Received unexpected error when asking for user info: Error "
495 "Code %lu",
496 result);
497 goto error;
498 }
499
500 /* Get information from the buffer returned by NetUserGetInfo. */
501 uData->username = g_strdup(username);
502 uData->isAdmin = uBuf->usri4_priv == USER_PRIV_ADMIN;
503 psid = uBuf->usri4_user_sid;
504
505 char *sidStr = NULL;
506
507 /*
508 * We store the string representation of the SID not SID structure in
509 * memory. Callees wanting to use the SID structure should call
510 * ConvertStringSidToSID.
511 */
512 if (!ConvertSidToStringSid(psid, &sidStr)) {
513 error_setg_win32(errp, GetLastError(),
514 "failed to get SID string for user %s", username);
515 goto error;
516 }
517
518 /* Store the SSID */
519 uData->SSID = sidStr;
520
521 /* Get the SSH folder for the user. */
522 char *sshFolder = get_ssh_folder(username, uData->isAdmin, errp);
523 if (sshFolder == NULL) {
524 goto error;
525 }
526
527 /* Get the authorized key file path */
528 const char *authorizedKeyFile =
529 uData->isAdmin ? AUTHORIZED_KEY_FILE_ADMIN : AUTHORIZED_KEY_FILE;
530 char *authorizedKeyPath =
531 g_build_filename(sshFolder, authorizedKeyFile, NULL);
532 uData->sshDirectory = sshFolder;
533 uData->authorizedKeyFile = authorizedKeyPath;
534
535 /* Free */
536 NetApiBufferFree(uBuf);
537 return true;
538 error:
539 if (uBuf) {
540 NetApiBufferFree(uBuf);
541 }
542
543 return false;
544 }
545
546 /*
547 * Gets the list of authorized keys for a user.
548 *
549 * parameters:
550 * username -> Username to retrieve the keys for.
551 * errp -> Error structure that will display any errors through QMP.
552 * returns: List of keys associated with the user.
553 */
qmp_guest_ssh_get_authorized_keys(const char * username,Error ** errp)554 GuestAuthorizedKeys *qmp_guest_ssh_get_authorized_keys(const char *username,
555 Error **errp)
556 {
557 GuestAuthorizedKeys *keys = NULL;
558 g_auto(GStrv) authKeys = NULL;
559 g_autoptr(GuestAuthorizedKeys) ret = NULL;
560 g_auto(PWindowsUserInfo) userInfo = NULL;
561
562 /* Gets user information */
563 if (!get_user_info(&userInfo, username, errp)) {
564 return NULL;
565 }
566
567 /* Reads authkeys for the user */
568 authKeys = read_authkeys(userInfo->authorizedKeyFile, errp);
569 if (authKeys == NULL) {
570 return NULL;
571 }
572
573 /* Set the GuestAuthorizedKey struct with keys from the file */
574 ret = g_new0(GuestAuthorizedKeys, 1);
575 for (int i = 0; authKeys[i] != NULL; i++) {
576 g_strstrip(authKeys[i]);
577 if (!authKeys[i][0] || authKeys[i][0] == '#') {
578 continue;
579 }
580
581 QAPI_LIST_PREPEND(ret->keys, g_strdup(authKeys[i]));
582 }
583
584 /*
585 * Steal the pointer because it is up for the callee to deallocate the
586 * memory.
587 */
588 keys = g_steal_pointer(&ret);
589 return keys;
590 }
591
592 /*
593 * Adds an ssh key for a user.
594 *
595 * parameters:
596 * username -> User to add the SSH key to
597 * strList -> Array of keys to add to the list
598 * has_reset -> Whether the keys have been reset
599 * reset -> Boolean to reset the keys (If this is set the existing list will be
600 * cleared) and the other key reset. errp -> Pointer to an error structure that
601 * will get returned over QMP if anything goes wrong.
602 */
qmp_guest_ssh_add_authorized_keys(const char * username,strList * keys,bool has_reset,bool reset,Error ** errp)603 void qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys,
604 bool has_reset, bool reset, Error **errp)
605 {
606 g_auto(PWindowsUserInfo) userInfo = NULL;
607 g_auto(GStrv) authkeys = NULL;
608 strList *k;
609 size_t nkeys, nauthkeys;
610
611 /* Make sure the keys given are valid */
612 if (!check_openssh_pub_keys(keys, &nkeys, errp)) {
613 return;
614 }
615
616 /* Gets user information */
617 if (!get_user_info(&userInfo, username, errp)) {
618 return;
619 }
620
621 /* Determine whether we should reset the keys */
622 reset = has_reset && reset;
623 if (!reset) {
624 /* Read existing keys into memory */
625 authkeys = read_authkeys(userInfo->authorizedKeyFile, NULL);
626 }
627
628 /* Check that the SSH key directory exists for the user. */
629 if (!g_file_test(userInfo->sshDirectory, G_FILE_TEST_IS_DIR)) {
630 BOOL success = create_ssh_directory(userInfo, errp);
631 if (!success) {
632 return;
633 }
634 }
635
636 /* Reallocates the buffer to fit the new keys. */
637 nauthkeys = authkeys ? g_strv_length(authkeys) : 0;
638 authkeys = g_realloc_n(authkeys, nauthkeys + nkeys + 1, sizeof(char *));
639
640 /* zero out the memory for the reallocated buffer */
641 memset(authkeys + nauthkeys, 0, (nkeys + 1) * sizeof(char *));
642
643 /* Adds the keys */
644 for (k = keys; k != NULL; k = k->next) {
645 /* Check that the key doesn't already exist */
646 if (g_strv_contains((const gchar *const *)authkeys, k->value)) {
647 continue;
648 }
649
650 authkeys[nauthkeys++] = g_strdup(k->value);
651 }
652
653 /* Write the authkeys to the file. */
654 write_authkeys(userInfo, authkeys, errp);
655 }
656
657 /*
658 * Removes an SSH key for a user
659 *
660 * parameters:
661 * username -> Username to remove the key from
662 * strList -> List of strings to remove
663 * errp -> Contains any errors that occur.
664 */
qmp_guest_ssh_remove_authorized_keys(const char * username,strList * keys,Error ** errp)665 void qmp_guest_ssh_remove_authorized_keys(const char *username, strList *keys,
666 Error **errp)
667 {
668 g_auto(PWindowsUserInfo) userInfo = NULL;
669 g_autofree struct passwd *p = NULL;
670 g_autofree GStrv new_keys = NULL; /* do not own the strings */
671 g_auto(GStrv) authkeys = NULL;
672 GStrv a;
673 size_t nkeys = 0;
674
675 /* Validates the keys passed in by the user */
676 if (!check_openssh_pub_keys(keys, NULL, errp)) {
677 return;
678 }
679
680 /* Gets user information */
681 if (!get_user_info(&userInfo, username, errp)) {
682 return;
683 }
684
685 /* Reads the authkeys for the user */
686 authkeys = read_authkeys(userInfo->authorizedKeyFile, errp);
687 if (authkeys == NULL) {
688 return;
689 }
690
691 /* Create a new buffer to hold the keys */
692 new_keys = g_new0(char *, g_strv_length(authkeys) + 1);
693 for (a = authkeys; *a != NULL; a++) {
694 strList *k;
695
696 /* Filters out keys that are equal to ones the user specified. */
697 for (k = keys; k != NULL; k = k->next) {
698 if (g_str_equal(k->value, *a)) {
699 break;
700 }
701 }
702
703 if (k != NULL) {
704 continue;
705 }
706
707 new_keys[nkeys++] = *a;
708 }
709
710 /* Write the new authkeys to the file. */
711 write_authkeys(userInfo, new_keys, errp);
712 }
713